Overview

overview

10

Static

static

8

03ff897da4...b3.exe

windows7_x64

7

03ff897da4...b3.exe

windows10_x64

7

10493d98a6...41.exe

windows7_x64

7

10493d98a6...41.exe

windows10_x64

7

11747d3247...67.exe

windows7_x64

7

11747d3247...67.exe

windows10_x64

San11 Tc/D...eg.htm

windows7_x64

1

San11 Tc/D...eg.htm

windows10_x64

1

San11 Tc/DrvMgt.dll

windows7_x64

1

San11 Tc/DrvMgt.dll

windows10_x64

1

San11 Tc/L...es.exe

windows7_x64

1

San11 Tc/L...es.exe

windows10_x64

1

San11 Tc/S...er.exe

windows7_x64

1

San11 Tc/S...er.exe

windows10_x64

1

San11 Tc/S...er.exe

windows7_x64

1

San11 Tc/S...er.exe

windows10_x64

1

San11 Tc/S...YS.exe

windows7_x64

San11 Tc/S...YS.exe

windows10_x64

San11 Tc/San11.exe

windows7_x64

8

San11 Tc/San11.exe

windows10_x64

8

San11 Tc/san11pk.exe

windows7_x64

3

San11 Tc/san11pk.exe

windows10_x64

1

San11 Tc/�...��.exe

windows7_x64

3

San11 Tc/�...��.exe

windows10_x64

10

23c9e16cc6...7b.exe

windows7_x64

5

23c9e16cc6...7b.exe

windows10_x64

5

36a18ae31f...d0.exe

windows7_x64

7

36a18ae31f...d0.exe

windows10_x64

7

4109a062b3...d4.exe

windows7_x64

8

4109a062b3...d4.exe

windows10_x64

8

CW3.exe

windows7_x64

1

CW3.exe

windows10_x64

1

Analysis

  • max time kernel
    152s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-en-20210920
  • submitted
    20-10-2021 15:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    23c9e16cc6549ca05d349e7d04805309171cfe8a8426cdb7376f2a41b757a67b.exe

  • Size

    3.3MB

  • MD5

    4b7efd3940f856057ffe8c16c5381cb3

  • SHA1

    0eace6aed81b91ae898e768ad52d7f88ff15ff0d

  • SHA256

    23c9e16cc6549ca05d349e7d04805309171cfe8a8426cdb7376f2a41b757a67b

  • SHA512

    1b243473f5632dd2bf55c8cce07cea7a09c6cbf99ce4bae59bce7cb15b592db6ace590ba797919564845564d52fc66b3b34ec5bb2477bb81264d6ba06603cc9d

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 29 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\23c9e16cc6549ca05d349e7d04805309171cfe8a8426cdb7376f2a41b757a67b.exe
    "C:\Users\Admin\AppData\Local\Temp\23c9e16cc6549ca05d349e7d04805309171cfe8a8426cdb7376f2a41b757a67b.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of AdjustPrivilegeToken
    PID:1544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1544-54-0x00000000755A1000-0x00000000755A3000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1544-56-0x0000000076510000-0x0000000076557000-memory.dmp
    Filesize

    284KB

    Download
  • memory/1544-58-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-64-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-63-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-62-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-61-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-60-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-59-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-57-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-65-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-66-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-67-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-68-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-69-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-71-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-70-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-72-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-73-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-74-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-76-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-75-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-78-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-77-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-89-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-90-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-88-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-87-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-86-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-85-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-84-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-83-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-82-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-81-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-80-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-79-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-95-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-99-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-98-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-97-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-96-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-94-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-93-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-92-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-91-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-108-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-107-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-106-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-105-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-104-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-103-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-102-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-101-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-100-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-112-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-111-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-110-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-113-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-109-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-114-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-115-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-116-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-117-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-118-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-1369-0x0000000000B20000-0x0000000000B69000-memory.dmp
    Filesize

    292KB

    Download
  • memory/1544-1371-0x0000000002730000-0x00000000028B1000-memory.dmp
    Filesize

    1.5MB

    Download
  • memory/1544-4806-0x00000000028C0000-0x00000000029D1000-memory.dmp
    Filesize

    1.1MB

    Download
  • memory/1544-4811-0x0000000000400000-0x0000000000B1F000-memory.dmp
    Filesize

    7.1MB

    Download
  • memory/1544-4812-0x0000000000400000-0x0000000000B1F000-memory.dmp
    Filesize

    7.1MB

    Download
  • memory/1544-4813-0x00000000025F0000-0x0000000002691000-memory.dmp
    Filesize

    644KB

    Download
  • memory/1544-4814-0x00000000024A0000-0x00000000025A1000-memory.dmp
    Filesize

    1.0MB

    Download
  • memory/1544-4815-0x00000000002B0000-0x00000000002B1000-memory.dmp
    Filesize

    4KB

    Download